• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 559
  • Last Modified:

EventID 1202: Security Policies are propagated with warning 0x534

My remote users could not login to terminal server anymore, they received an error on the RPC server.

After some digging I found thatL:
Server Management > Advanced Management > Group Policy Management > .... > Group Policy Objects > Small Business Services Auding Policy
Was set to: User Configuration Settings Disabled.
When I switched it to enabled they were able to login again.
I don't know if this setting was changed by someone, or maybe it needs to be on "User Configuration Settings Disabled".
By changing it to enabled did I compromise security? What could have caused this to happen in the first place?

I realize more information is needed to diagnose, just let me know what is needed and I will post. Thanks!
0
dutch7773
Asked:
dutch7773
1 Solution
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Your "fix" is interesting, because it probably does prevent the error which was blocking user logons... however it is probably the wrong way to fix this problem.  User settings are supposed to be disabled by default... (and there aren't any settings under User Settings by default).

Since you didn't say which version of SBS you have, I'm assuming that its SBS 2003 since that GPO went away in later versions.

Please look at the GPO's Scope Tab and Delegation Tab and make sure that there aren't any accounts listed which only show a SID (ie, the account was removed or disabled).  If there are any of those listed, remove them from the GPO's settings.

To answer your basic question, modifying this GPO does not at all compromise security of your network, and in fact, you could actually disable the GPO entirely.

The GPO merely collects data which is used in SBS 2003's monitoring reports.

Jeff
TechSoEasy
0
 
dutch7773Author Commented:
Thank you for your answer. Meanwhile I found a username that was misspelled and I removed it. The strange thing is that this user name was added by the previous management company so it must have been there for a quite a while (over a year) and never did any harm. So why did SBS2003 all of a sudden stumble over this misspelled username now? Strange deal.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now